Linux 4.1 Will Improve AMD Bulldozer's ASLR Entropy Issue

The x86/mm pull request was submitted this morning by Ingo Molnar for the Linux 4.1 kernel. This pull is particularly important for AMD Linux customers using Bulldozer (Family 15h) processors as it works to address an AMD Bulldozer Linux ASLR weakness that reduces the entropy available to the system 87.5%.
If you're not familiar with this potential security issue, see AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5% for the lengthy explanation that was penned by Hector Marco back in March. With Linux 4.1 is a change by Hector to improve the AMD Bulldozer ASLR aliasing workaround to increase randomization by three-bits per-bootup. This change is documented by this patch message.
Another x86/mm change is "Reduce PAE-mode per task pgd allocation overhead from 4K to 32 bytes" by Fenghua Yu. Due to the Intel Quark SoC being 32-bit and other (new) embedded hardware being 32-bit, there's a need for more modern memory optimizations to optimize the Linux kernel's experience when it comes to this hardware. Yu explained, "With more embedded systems emerging using Quark, among other things, 32-bit kernel matters again. 32-bit machine and kernel uses PAE paging, which currently wastes at least 4K of memory per process on Linux where we have to reserve an entire page to support a single 32-byte PGD structure. It would be a very good thing if we could eliminate that wastage. PAE paging is used to access more than 4GB memory on x86-32. And it is required for NX....we can save memory space by only allocating 32-byte pgd for 32-bit PAE kernel when it is not running as a Xen domain."
More details on the other x86/mm changes for Linux 4.1 can be found by this pull request.
13 Comments